openldap database replication and multiple hosts TLScertificates question
- To: openldap-technical@openldap.org
- Subject: openldap database replication and multiple hosts TLScertificates question
- From: "lux-integ" <lux-integ@btconnect.com>
- Date: Thu, 21 Nov 2013 11:11:15 +0000
- Organization: bv
- User-agent: KMail/1.13.5 (Linux/3.1.4nbfARAID; KDE/4.4.5; x86_64; ; )
Greetings,
I am learning to configure/use openldap. I have a question regarding
database replication. I have a primary openldap server. I prepared/installed
openssl certificates for the server, and the slapd.conf has these lines:
#--- Define SSL and TLS properties
TLSCertificateFile /etc/certs/ldap1stServerCert.pem
TLSCertificateKeyFile /etc/certs/ldap1stServerKey.pem
TLSCACertificateFile /etc/certs/cacert.pem
#---if client authentication is/isNOT required
TLSVerifyClient demand
I want to replicate the database over two other hosts. Call these 2ndServer
and 3rdserver. Both of these computers ALSO have ssl certificates in
/etc/certs like so:-
#### in 2nd ldap host
/etc/certs/ldap2ndServerCert.pem
/etc/certs/ldap2ndServerKey.pem
/etc/certs/cacert.pem
#### in 3rd ldap host
/etc/certs/ldap3rdServerCert.pem
/etc/certs/ldap3rdServerKey.pem
/etc/certs/cacert.pem
As regards these certificates (the fact that they are not the same), I would
like to know what happens when I try to do replication. I am following the
guides
18.3.1.1. Syncrepl configuration (
http://www.openldap.org/doc/admin24/replication.html )
and
18.3.2. Delta-syncrepl ( also from
http://www.openldap.org/doc/admin24/replication.html )
(In other words, is it best to remove the certificates and install after
replication, or whatever?)
Thanks in advance
sincerely
LuxInteg
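
An added example, not part of the original post: a consumer-side slapd.conf fragment for the 2nd LDAP host, showing where its own certificate files go in a syncrepl stanza when the provider sets TLSVerifyClient demand. The provider host name, rid, search base, bind DN and credentials are placeholders assumed for illustration; the certificate paths are those from the post, and both certificates are assumed to be issued by the CA in cacert.pem and usable for TLS client authentication.

```conf
# Constructed example for the 2nd LDAP host (consumer). Not from the original post.
# Placeholders (assumptions): ldap1.example.com, rid=002, dc=example,dc=com,
# cn=replicator,dc=example,dc=com and the credentials value.

# The consumer's own server identity, used when LDAP clients connect to it.
TLSCertificateFile     /etc/certs/ldap2ndServerCert.pem
TLSCertificateKeyFile  /etc/certs/ldap2ndServerKey.pem
TLSCACertificateFile   /etc/certs/cacert.pem

# Replication client settings; this directive belongs inside the section of
# the database being replicated. Notes are kept above the directive because
# indented lines are continuations of the previous line in slapd.conf.
#  - starttls=critical aborts the session if StartTLS fails.
#  - tls_cert/tls_key are presented to the provider as the client certificate,
#    which the provider requires because it sets "TLSVerifyClient demand".
#  - tls_cacert with tls_reqcert=demand makes the consumer verify the
#    provider's certificate; the provider= host name has to match the name
#    in that certificate.
syncrepl rid=002
  provider=ldap://ldap1.example.com
  type=refreshAndPersist
  retry="60 +"
  searchbase="dc=example,dc=com"
  bindmethod=simple
  binddn="cn=replicator,dc=example,dc=com"
  credentials=REPLACE_WITH_REPLICATOR_PASSWORD
  starttls=critical
  tls_cert=/etc/certs/ldap2ndServerCert.pem
  tls_key=/etc/certs/ldap2ndServerKey.pem
  tls_cacert=/etc/certs/cacert.pem
  tls_reqcert=demand
```

Per slapd.conf(5), the syncrepl tls_* parameters default to the main slapd TLS settings when omitted, so the explicit paths here only make the per-host certificate visible.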